Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the past month, we’ve rolled out several new capabilities, including: ‍ ‍ ‍

Trustwave SpiderLabs’ recent threat report on the hospitality industry included a reminder that people are the weakest link in most any cyber security plan, along with some sobering points demonstrating how employees are being challenged more than ever by bad actors armed with generative artificial intelligence (GenAI) tools.

Seccomp, short for Secure Computing Mode, is a noteworthy tool offered by the Linux kernel. It is a powerful mechanism to restrict or log the system calls that a process makes. Operating within the kernel, seccomp allows administrators and developers to define fine-grained policies for system call execution, enhancing the overall security posture of applications and the underlying system.

CrowdStrike’s mission is to stop breaches. We continuously research and develop technologies to outpace new and sophisticated threats and stop adversaries from pursuing attacks. We also recognize that security is best when it’s a team sport. In today’s threat landscape, technology collaboration is essential to deploy novel methods of analysis and defense.

Securing custom applications in a sea of vulnerabilities is daunting. To make the task even more challenging, the threat to applications continues to grow: 8 out of the top 10 data breaches last year were related to application attack surfaces.1 This blog details two effective strategies for identifying vulnerabilities in custom software applications so they can be quickly addressed.

The founder of the Boy Scouts, Robert Baden-Powell, once said “Be Prepared… the meaning of the motto is that a scout must prepare himself by previous thinking out and practicing how to act on any accident or emergency so that he is never taken by surprise.” Much like the Boy Scouts, IT departments must also embrace the “Be Prepared” motto. Emergencies and accidents are no longer a matter of “if” but “when”.

Data protection is critical for IT professionals, but choosing between incremental vs. differential backup strategies can be complex. While full backups are key, their limitations in speed, storage, and flexibility become apparent as your data grows. Incremental backups offer a more efficient solution, backing up only the data that has changed since the last backup. This strategy significantly reduces backup time, minimizes storage requirements, and scales well for growing datasets.

We all know the cybersecurity industry loves its acronyms, but just because this fact is widely known doesn’t mean everyone knows the story behind the alphabet soup groups of letters, we must deal with on a regular basis. Let’s take a moment to discuss some of the more prominent security architectures specific to the cloud so we are all on the same page: CNAPP, CWPP, CIEM, and CSPM.

A product is only as secure as its weakest link. That is why many talented security engineers and researchers recommend embedding security as early in the software development life cycle (SDLC) as possible, even from the very first line of code. Or better yet, even before the very first line of code, during the threat modeling and architecture phase. Smart people have been saying this for a very long time. So, why does product security still remain difficult?

Zero-day vulnerabilities are the surprise no developer wants to get. Because these security flaws are unknown to developers, they have zero days to prepare or mitigate the vulnerability before an exploit can occur. 62% of vulnerabilities were first exploited as zero-day vulnerabilities, so they are far more prevalent than we think. Even Google Chrome can attest to that after discovering a series of zero-day vulnerabilities that left its billions of users at risk in 2023.